CVSS: 7.6EPSS: 6%CPEs: 3EXPL: 0CVE-2018-8380
https://notcve.org/view.php?id=CVE-2018-8380
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8266, CVE-2018-8381, CVE-2018-8384. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting de Chakra gestiona los objetos en la memoria en Microsoft Edge. Esto también se conoce como "Chakra Scripting Engine Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/104979 http://www.securitytracker.com/id/1041457 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 6%CPEs: 8EXPL: 0CVE-2018-8266
https://notcve.org/view.php?id=CVE-2018-8266
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8380, CVE-2018-8381, CVE-2018-8384. Existe una vulnerabilidad de ejecución remota de código que se manifiesta en la forma en la que el motor de scripting de Chakra gestiona los objetos en la memoria en Microsoft Edge. Esto también se conoce como "Chakra Scripting Engine Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/104977 http://www.securitytracker.com/id/1041457 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 8%CPEs: 3EXPL: 0CVE-2018-8377
https://notcve.org/view.php?id=CVE-2018-8377
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8387. Existe una vulnerabilidad de ejecución remota de código cuando Microsoft Edge accede incorrectamente a los objetos en la memoria. Esto también se conoce como "Microsoft Edge Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/105020 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8377 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 8%CPEs: 2EXPL: 0CVE-2018-8387
https://notcve.org/view.php?id=CVE-2018-8387
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8377. Existe una vulnerabilidad de ejecución remota de código cuando Microsoft Edge accede incorrectamente a los objetos en la memoria. Esto también se conoce como "Microsoft Edge Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/105021 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8387 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/105108 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://access.redhat.co • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •